The SEC’s increased emphasis on cybersecurity continues to merit attention as it enhances the focus on Private Funds, ESG, and Operational Resiliency.

SEC Division of Examinations Announces 2022 Examination PrioritiesImage Source: Stock

 

Key Takeaways:

  • Most notably, from a CYBERSECURITY PERSPECTIVE, the SEC is focused on Information Security and Operational Resilience as it relates to broker-dealers’, RIAs’, and other registrants’ practices to prevent interruptions to mission-critical services and to protect investor information, records, and assets.
  • For Information Security and Operational Resiliency, the Division will review broker-dealers’, RIAs’, and other registrants’ practices to prevent interruptions to mission-critical services and to protect investor information, records, and assets.
  • Examinations will continue to review whether firms have taken appropriate measures to:
    • Safeguard customer accounts and prevent account intrusions
    • Oversee vendors and service providers
    • Address malicious email activities, such as phishing or account intrusions
    • Respond to incidents, including those related to ransomware attacks, identify and detect red flags related to identity theft, and manage operational risk as a result of a dispersed workforce
  • In addition, the Division will again be reviewing registrants’ business continuity and disaster recovery plans, with a particular focus on the impact of climate risk and substantial disruptions to normal business operations.

 

 

Why it Matters:

  • The priorities are based on a risk-based approach that includes an analysis of a given entity’s history, operations, services, products offered, and other risk factors to ensure there are guard rails in place to prevent past mistakes.
  • The list is compiled by staff who are uniquely positioned to examine practices, products, services, and other factors that may pose risks to investors or the financial markets.

 

 

Resources:

 

For more information on how BW Cyber can assist you, please contact us at info@bwcyberservices.com.